analyze-experiment

Fail

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user to install the 'tpc' command-line interface using a piped shell command (curl -fsSL https://cli.promptingco.com/install.sh | bash). Executing remote scripts directly in the shell is an insecure practice that allows for arbitrary code execution without verification.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to https://cli.promptingco.com to download installation scripts and retrieve experiment data.
  • [COMMAND_EXECUTION]: The workflows rely on multiple shell commands using the tpc CLI (e.g., tpc sim experiment results, tpc sim run logs) to gather information for analysis.
  • [DATA_EXFILTRATION]: Data from local experiment iterations, including agent transcripts and scores, is retrieved from or sent to the vendor's remote platform via the CLI tool.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted agent logs and transcripts from simulated experiments. Malicious content within these logs could potentially influence the agent's behavior during report generation.
  • Ingestion points: Data is ingested via tpc sim run logs and tpc sim experiment results as described in SKILL.md and workflows/analyze-experiment.md.
  • Boundary markers: No specific boundary markers or 'ignore' instructions are provided to isolate processed data from the agent's instructions.
  • Capability inventory: The agent can execute shell commands through the tpc CLI.
  • Sanitization: There is no explicit sanitization or filtering of the content retrieved from experiment logs before analysis.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.promptingco.com/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 16, 2026, 05:43 PM
Security Audit — agent-trust-hub — analyze-experiment